We take a quick look at recent GDPR news and events to keep you up to speed.
In previous posts, we've explained that the way that businesses deal with personal data going to & from the EU may change. Now we have a formal decision on this from the European commission!
The European Commission has decided that the UK's data protection law is broadly "equivalent" to the EU's version of GDPR.
This means that transmitting personal information between the EU and UK can carry on without needing to put new legal documentation in place. Hooray!
Of course, you will still need to comply with the usual requirements of GDPR to protect personal information. This decision just means that transfers to the UK are considered safe under law and uphold people's data protection rights. This is different to places like the USA, where you need to have the Standard Contractual Clauses in place to provide legal cover for data processed there.
There is a little fly in the ointment though: this "equivalence" decision has a time limit on it. You might be wondering "why?"
GDPR covers all aspects of personal data protection and privacy, including state surveillance laws. The debate at the EU was whether the UK's surveillance laws (which are already a little uncomfortable for some data protection experts) might become so intrusive as to override people's rights under GDPR.
So we will have another review in four years' time. We're all OK for the moment but we'll need to keep an eye on this in future! Especially since many businesses use servers in the EU for their Microsoft, Google and other cloud storage accounts.
...and The Ugly
It's probably been hard to avoid the news about CCTV footage and the former Health Secretary this week. We're not going to get involved in the details of that!
But there is an important point here about how access to CCTV images is controlled. As we saw with the news, the impacts of leaking these images can be massive on people: lost jobs, broken relationships, publicity and reputational impacts. If you have CCTV at work, how are you making sure that no-one is copying pictures or footage and posting them on TikTok?
CCTV footage needs special protection and your team should be trained in how to properly manage access and deletion of records.
If you’re unsure about what your small business must do to remain compliant with UK data protection regulations (or even whether GDPR still applies to you!) then drop us a line at firstname.lastname@example.org
Image by Ronald Plett from Pixabay
Check out our GDPR training course for small business employees today!
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.